A Cloud-based Healthcare Framework for Security and Patients’ Data Privacy Using Wireless Body Area Networks

AbstractThe recent developments in remote healthcare systems have witnessed significant interests from IT industry (Microsoft, Google, VMware etc) that provide ubiquitous and easily deployable healthcare systems. These systems provide a platform to share medical information, applications, and infrastructure in a ubiquitous and fully automated manner. Communication security and patients’ data privacy are the aspects that would increase the confidence of users in such remote healthcare systems. This paper presents a secure cloud-based mobile healthcare framework using wireless body area networks (WBANs). The research work presented here is twofold: first, it attempts to secure the inter-sensor communication by multi-biometric based key generation scheme in WBANs; and secondly, the electronic medical records (EMRs) are securely stored in the hospital community cloud and privacy of the patients’ data is preserved. The evaluation and analysis shows that the proposed multi-biometric based mechanism provides significant security measures due to its highly efficient key generation mechanism

A Comprehensive Survey on Exiting Solution Approaches towards Security and Privacy Requirements of IoT

‘Internet of Things (IoT)’emerged as an intelligent collaborative computation and communication between a set of objects capable of providing on-demand services to other objects anytime anywhere. A large-scale deployment of data-driven cloud applications as well as automated physical things such as embed electronics, software, sensors and network connectivity enables a joint ubiquitous and pervasive internet-based computing systems well capable of interacting with each other in an IoT. IoT, a well-known term and a growing trend in IT arena certainly bring a highly connected global network structure providing a lot of beneficial aspects to a user regarding business productivity, lifestyle improvement, government efficiency, etc. It also generates enormous heterogeneous and homogeneous data needed to be analyzed properly to get insight into valuable information. However, adoption of this new reality (i.e., IoT) by integrating it with the internet invites a certain challenges from security and privacy perspective. At present, a much effort has been put towards strengthening the security system in IoT still not yet found optimal solutions towards current security flaws. Therefore, the prime aim of this study is to investigate the qualitative aspects of the conventional security solution approaches in IoT. It also extracts some open research problems that could affect the future research track of IoT arena

Ataques contra generadores de números aleatorios físicos

El presente trabajo da cuenta de lo que son los números aleatorios y verdaderamente aleatorios, haciendo hincapié en sus diferentes aplicaciones y formas de conseguirlos. La generación de números verdaderamente aleatorios es fundamental para crear contraseñas seguras y preservar la privacidad de los datos. En muchos casos, estos números aleatorios proceden de fenómenos físicos impredecibles como el ruido térmico, sistemas electrónicos caóticos o fenómenos cuánticos, para ello será necesario hablar del ruido generado por los diferentes dispositivos pasivos y semiconductores, se describirán varios con especial atención a los que sean de interés en el trabajo. En este TFM se estudiarán dispositivos físicos basados en diversos principios y su comportamiento frente a ataques activos, como alteraciones en el voltaje de alimentación o inyección de radiofrecuencia. Se estudiarán y analizarán los puntos fuertes y débiles de cada implementación y se propondrán medidas para mejorar los sistemas existentes.Departamento de Teoría de la Señal y Comunicaciones e Ingeniería TelemáticaMáster en Investigación en Tecnologías de la Información y las Comunicacione

MATURITY MODEL FOR HEALTHCARE CLOUD SECURITY

Management of security across eHealth cloud services is a major organizational challenge that healthcare organizations seek to resolve in order to aid their trusts in cloud and increase the adoption of cloud services in healthcare. The organizational challenges regarding implementations of technical security solutions are the major limiting factors for the adoption of the eHealth cloud. As such, the aim of this research will focus on developing a security maturity model, which will help healthcare organizations to provide a description of the application of their cloud security services, and an assessment and improvement of their cloud security services over time, as well as to guide and educate relevant stakeholders concerning the optimization of their security practices. The identified gaps in the review are in the aspect of adoption – the maturity models are either too complicated to implement, or they require the healthcare organization’s processes to be refined to suit the maturity model’s implementation. The Maturity Model for Healthcare Cloud Security (M2HCS) was developed using the Design Science Research Methodology (DSRM). It was validated using a formulated case study, web-based survey and interviews with practitioners, DSRM framework, and feedback from scientific community. The novel contribution of this research is the proposal of the model. M2HCS is a high level, holistic model that can be used to support and promote healthcare organization’s usable security practices against cyber and cloud security attacks